Check-in and access this session from the IGF Schedule.

IGF 2019 WS #155
Anywhere: Security of IoT Devices

    Organizer 1: Yuan XU, CNCERT/CC
    Organizer 2: Yunqian ZHU, CNCERT/CC
    Organizer 3: Yu ZHOU, Internet Society of China
    Organizer 4: Shuyi LOU, CNCERT/CC

    Speaker 1: Denis Legezo, Private Sector, Eastern European Group
    Speaker 2: Noelle Francesca de Guzman, Technical Community, Western European and Others Group (WEOG)
    Speaker 3: Abel Torres, Private Sector, Western European and Others Group (WEOG)

    Moderator

    Yunqian ZHU, Civil Society, Asia-Pacific Group

    Online Moderator

    Yuan XU, Civil Society, Asia-Pacific Group

    Rapporteur

    Shuyi LOU, Civil Society, Asia-Pacific Group

    Format

    Birds of a Feather - Classroom - 60 Min

    Policy Question(s)

    1. What is the current status of the security of IoT devices in your constituency? 2. Have you experienced any real cases? 3. What solutions are available in your entity? 4. What are the opportunities and challenges regarding the security of IoT devices? 5. Are there any policies and strategies in place to provide guidance for this area? 6. What are the roles of concerned parties and how can they cooperate with each other?

    SDGs

    GOAL 8: Decent Work and Economic Growth
    GOAL 9: Industry, Innovation and Infrastructure
    GOAL 10: Reduced Inequalities
    GOAL 11: Sustainable Cities and Communities
    GOAL 16: Peace, Justice and Strong Institutions
    GOAL 17: Partnerships for the Goals

    Description: This workshop touches upon a hot topic in the current interconnected era with not only people connected, but also things. It mainly aims to facilitate experience sharing, solution finding and discussion among participants from international organizations, governments, CERTs, renowned equipment manufacturers, and software providers worldwide to shed some lights on the current security situation of IoT devices, government strategies, technical solutions and best industrial practices, so as to raise everyone's awareness and improve protection skills. This workshop is expected to be carried out in a Birds of a Feather format, with short speeches by each invited speaker and discussion for the rest of the session. We will set the tone of this workshop by providing some commonly concerned topics, such as the status quo, policies or guidelines, technical approaches, industrial countermeasures, challenges and ways forward, to get everyone easily engaged and also leave out a lot of free discussion time for everyone to share their experience and comments. The questions that will be discussed during this workshop include but not limited to the current status of the security of IoT device, case studies, available solutions, opportunities and challenges, policies or strategies, roles of concerned parties, and way to cooperate.

    Expected Outcomes: We expect to find some possible solutions and some interesting perspectives concerning the security issue of IoT devices through this workshop by looking at this issue in a full-dimensional manner. On the one hand, this workshop will enlighten each participant with up-to-date statistics, policy suggestions, innovative technical approaches and guidelines that may not be easily and intensively acquired through other means; on the other hand, it will also inspire the participants with perspectives and experiences which could be well adapted and incorporated into their own conditions, so as to jointly build a secure, safe, stable and resilient environment. After the workshop, a summary report will also be produced and submitted to the IGT Secretariat within the required time limit.

    To effectively facilitate the discussion, we will first provide some pre-set questions which are designed based on both our own experience and concerns collected from related parties. Then, we will provide a fair amount of time for discussion, both on pre-set topics and in a free manner, to ensure that the whole audience will actively engage in and provide some fresh ideas and comments apart from our invited speakers. Third, we will make sure that the whole session will be efficiently and smartly moderated by our experienced moderator/expert to get the whole event lively and focused. Fourth, we will limit the speech time for each invited speaker for no more than 4 minutes and leave a fair amount of time for discussion. Finally, we will fully and effectively use the online tool provided by IGF and Gotomeeting software (please refer to the "other tool" option for detailed information) to get more offsite audience engaged and enrich our discussion.

    Relevance to Theme: As the emerging technologies advance, our physical world is becoming more Internet-enabled where various kinds of devices, vehicles, buildings and other items are connected to collect and exchange data. While bringing tremendous benefits to people's lives, such Internet of Things (IoT) has also led to the increasing emergence of new cyber threats and incidents, exerting huge socio-economic impact on every economy and affecting the security, safety and stability of the world.

    Relevance to Internet Governance: CNCERT/CC, as a non-government non-profit organization and representing the civil society, hopes that through this workshop, every stakeholder concerned can take this opportunity to share each other's experience and best practices to lay down some shared principles and find some possible solutions regarding the security of IoT devices, which will help shape the development and use of the Internet.

    Online Participation

    Although this is the first time we apply for an IGF workshop, many colleagues in our organization have attended IGF meetings previously. We are aware of this platform and we will do full research on the use of this tool from an organizer's perspective, get in touch with IGF for more information and get the right personnel from our side to make sure that we are both technically and procedurally prepared.

    Proposed Additional Tools: APCERT, as the regional community for CERTs and CSIRTs located in the Asia Pacific region, provides online training for its members every two months through a online meeting tool called Gotomeeting. As an APCERT member, CNCERT/CC plans to use Gotomeeting to have APCERT members online to participate in this workshop and especially to actively engage in the Q&A session.